Return-Path: william@bourbon.usc.edu Delivery-Date: Fri Nov 14 12:30:03 2008 X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on merlot.usc.edu X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.3 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.14.1/8.14.1) with ESMTP id mAEKU3uU028079 for ; Fri, 14 Nov 2008 12:30:03 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.14.2/8.14.1) with ESMTP id mAEKPmPP016700 for ; Fri, 14 Nov 2008 12:25:48 -0800 Message-Id: <200811142025.mAEKPmPP016700@bourbon.usc.edu> To: cs551@merlot.usc.edu Subject: Re: SHA1 function returning incorrect hash value Date: Fri, 14 Nov 2008 12:25:48 -0800 From: Bill Cheng Someone wrote: > So is the following correct to check the SHA1 of a file itself?: > > cat blondie1.mp3 | openssl sha1 > > The reason I ask is that my SHA1 output for blondie1.mp3 matches the output > from the above, but it doesn't match the output in the spec, so I just want > to double check. The FileSize also did not match because the file, "blondie1.mp3", is actually different! (I think "blondie1.mp3" is not even a MP3 file.) I've updated the SHA1 and FileSize values in the spec. Sorry about the confusion. -- Bill Cheng // bill.cheng@usc.edu On Mon, Nov 10, 2008 at 9:47 PM, Bill Cheng wrote: > Someone wrote: > > > Is there any similar utility like the one we had for warmup1 ( > > ~csci551b/bin/filemd5 [-o offset] [file]) to check the SHA1 value ? > > You can run "openssl sha1 [file]". > > If you have a short ASCII string, you can do: > > echo -n "YOURSTRING" | openssl sha1 > -- > Bill Cheng // bill.cheng@usc.edu > > > > > On Mon, Nov 10, 2008 at 7:45 PM, Bill Cheng > wrote: > > > Someone wrote: > > > > > When I used SHA1() / MD5 function to calculate hash value of a string > I > > do > > > get incorrect value. > > > > Could you give an example? > > > > > But if I used *SHA1_Init()*, *SHA1_Update()* and *SHA1_Final()* , > > > collectively I do get correct hash value ? > > > Same is the case with MD5. > > > > > > What could be the reason for this ? > > > > Bugs?! > > > > > Or its safe to use *SHA1_Init()*, * > > > SHA1_Update()* and *SHA1_Final()* functions always ? > > > > They are equivalent. For example, in GetUOID(), we call > > SHA1() directly. It would be an overkill to use > > SHA1_Init(), SHA1_Update(), and SHA1_Final(). > > -- > > Bill Cheng // bill.cheng@usc.edu